Jump to content

Search the Community

Showing results for tags 'false positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Hi, Our website www. blueshydrugs .com ( is clean, but it is marked by your MBAM program as malware website. Please unblock it. If you believe it is not a F/P, please shed a light on how to improve the website. Thanks!
  2. hi, i posted 4 unlisted pdfs on issuu.com over the past week. my computer has always allowed me to open them fine. now suddenly malwarebytes is flagging them as a malicious website - so i can't access them. please unblock or let me know how i can configure malwarebytes to allow them; i added issuu.com as a domain exception, which hasn't worked... thanks, atmos
  3. Malwarebytes Anti-Malware (MEE) www.malwarebytes.org Database version: main: v2016.09.07.06 rootkit: v0000.00.00.00 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.18376 cmckinney :: CMCKINNEY7 [administrator] Protection: Enabled 9/7/2016 2:04:53 PM MBAM-log-2016-09-07 (14-08-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: Objects scanned: 407870 Time elapsed: 2 minute(s), 57 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Users\cmckinney\Desktop\grx.dll (Spyware.Banker) -> No action taken. [c0921d525e3cf145e86dc3a727d9748c] (end)
  4. I've downloaded the useful tool "Bat To Exe Converter" from http://www.f2ko.de/en/b2e.php It's a useful tool if you want to make EXEs out of BAT files (with icon). The problem is that any result file gets erroneously detected as malware (attached). Try for example to create a simple bat file to launch a program and attach an icon (.ico) to it (e.g. see my attached Eleusis Game Launcher.exe) Eleusis Game Launcher.zip
  5. hello my website : hxxp://www.enchantier.com was considered as an EMD yesterday... can you help to know why ? hosts-file.net/default.asp?s=enchantier.com today it seems ok , but i want to know why for the future! Thanks ps : sorry for my bad english, i'm french
  6. Attempting to update Office 365 from 16.7070 to 16.7167. MBARW detected OfficeClickToRun.exe as Ransomware, but when I clicked Quarantine, it didn't show up in Quarantine. I had to reboot and disable MBARW in order to install the update.
  7. Hi, I'm part of Open Source game development team. We have installer file at: http://www.secretchronicles.de/fi/download/ File name is TSC-2.0.0-win32.exe . Installer creates optional desktop icon. Desktop icon is detected as Rogue.Total.Security by Malwarebytes trial, that I installed from file mbam-setup- to Windows 10 Home laptop. I did also test TSC.lnk file with VirusTotal and MetaDefender, they came clean. Attached is logfile and zipped TSC.lnk file. Does this TSC.lnk file contain anything malicious? Best Regards, xet7 mbam-log-2016-08-17 (13-46-02)-xml.txt TSC-lnk.zip
  8. HxTSsr.exe has been quarantined, probably as a false positive. Trying to restore it results in an error message and a reference to this forum for help.
  9. Hi, we are a video advertising vendor for newspaper and broadcast sites in the US. We provide services to these publishers and they run our video content on their websites via a 300x250 HTML5 video widget. The widget features their videos (for their markets) and pulls in the content from our servers at reelcentric.com ( ). The video content features local businesses that have paid to be featured. This past week, we received reports that Malwarebytes is blocking our domain and it is creating problems for our newspaper sites. Please review our site and remove it from the blocked list. Our webmaster has scanned our domain for any suspicious files and created new domain security to protect against attacks. The domain is clean. Please check and remove our domain from your blocked list. Thank you.
  10. Malware Bytes quarantined several objects. 1500+ These objects were PUPs(Potentially Unwanted Programs) or PUMs(Potentially Unwanted Modifications) I'd requested for PUPs and PUMs to be treated as Malware. Unfortunately, my system started encountering problems when the PUPs and PUMs were quarantined. I investigated, and found out that some of them, were system objects. I needed to restore those PUPs/PUMs I tried to restore them. However, they had all been marked for deletion on reboot, and I can't restore objects marked for deletion on reboot. I get a pop up box: "Can't restore an item marked for deletion on reboot" Some of my Windows apps(Edge,Reader,...) aren't working. My WiFi isn't working. What do I do. Well, My Wifi is now working. I will attach a log of the scans. Later on, I disabled "Quarantine Automatically", and "treat detections of PUP/PUM as Malware", "And chose "Warn User about detections". Yet the same thing happened again. The same damn thing repeated itself. The program didn't even follow my instructions. I am a very unsatisfied user, and want to uninstall the program. But I need to get my files back from Quarantine. Windows store isn't working. Start Menu App isn't working. Store Apps aren't working as well. My computer didn't get screwed up by malware, but by your damn program. I want assistance in fixing my computer. I don't want to have to reinstall Windows. Malware Bytes Logs.rar
  11. As title. Lots of machines are reporting a file called atinst.exe as Trojan.MalPack. This file is part of Cisco WebEx. Paths detected in: C:\ProgramData\WebEx\WebEx\1224\atinst.exe C:\ProgramData\WebEx\WebEx\500\atinst.exe C:\ProgramData\WebEx\WebEx\1524\atinst.exe C:\ProgramData\WebEx\WebEx\T30_EC\atinst.exe C:\ProgramData\WebEx\WebEx\T31_UMC\atinst.exe C:\ProgramData\WebEx\webex\500\atinst.exe.tmp C:\ProgramData\WebEx\atinst.exe C:\Users\xxxxx\Downloads\atinst.exe
  12. This program is a variant of KODI/XBMC/TVMC. It is a legitimate program, but like Kodi/TVMC, it is detected as ransomeware.
  13. The website www.abelssoft.de and its subdomains are clean but they are detected by Malwarebytes AntiMalware Best regards, Sven
  14. I believe this to be a false positive, because the detections are all different. This is the result of www dot virustotal dot com scan Antivirus Result Update Fortinet W32/AHK.G!worm 20160801 Ikarus Worm.Autorun 20160801 Jiangmin Trojan.Deshacop.iv 20160801 Malwarebytes Trojan.MalPack 20160801 McAfee Artemis!366299EB03D0 20160801 McAfee-GW-Edition BehavesLike.Win32.Dropper.ch 20160801 VBA32 Trojan.Cossta 20160801 ALYac 20160801 AVG 20160801 AVware 20160801 Ad-Aware 20160801 AegisLab 20160801 AhnLab-V3 20160801 Antiy-AVL 20160801 Arcabit 20160801 Avast 20160801 Avira (no cloud) 20160801 Baidu 20160801 BitDefender 20160801 Bkav 20160801 CAT-QuickHeal 20160801 CMC 20160801 ClamAV 20160801 Comodo 20160801 Cyren 20160801 DrWeb 20160801 ESET-NOD32 20160801 Emsisoft 20160801 F-Prot 20160801 F-Secure 20160801 GData 20160801 K7AntiVirus 20160801 K7GW 20160801 Kaspersky 20160801 Kingsoft 20160802 eScan 20160801 Microsoft 20160801 NANO-Antivirus 20160801 Panda 20160801 Qihoo-360 20160802 SUPERAntiSpyware 20160801 Sophos 20160801 Symantec 20160801 Tencent 20160802 TheHacker 20160729 TrendMicro 20160801 TrendMicro-HouseCall 20160801 VIPRE 20160801 ViRobot 20160801 Yandex 20160731 Zillya 20160731 Zoner 20160801 nProtect 20160729 Launch Factorio.zip Factorio_Launcher_Malpack_Detection.txt
  15. Hi, What happens to the quarantined items whenever it is later discovered that the threats are false positive? Are they automatically restored or will they stay in the quarantined folder whenever Malwarebytes is updated? Thanks
  16. Hi Team, I am from Nielsen Netsight offshore support. We want to whitelist our files of new Netsight version proactively. Please help with the request. Kaustubh Dharmadhikari Support Executive
  17. had a false positive [Malware.Ransom.Agent.Genenc] today for C:\Program F11es\Cahbre2\ebook-viewer.exe. caught in a loop, Can't restore an file as it was marked for deletion on reboot. needed to delete and reinstall Calibre. See attached
  18. HI we have a false positive in: www.softalian.com www.mundogatos.com www.butacas24.com and many others in the same server, but we dont have any trojan, phising or ilegal pages. can you unblock our site ASAP. thanks.
  19. A miktex TMP file got quarantied. Should I worry about it? At fist sight, it seems a false positive but... please, let me know if I should worry about it. Best Malwarebytes Anti-Ransomware.zip miktex-update_admin.zip MBAMService.zip
  20. Got another false positive. This time with a game. "Enderal" is a complete overhaul of Skyrim, so it's probably changing many files. But it's definitely no ransomware... Enderal Launcher.zip Malwarebytes.zip MBAMSERVICE.zip
  21. After the most recent update applied, the game Counter-Strike:Global Offensive was quarantined by MBAR when the game launched. csgo.zip logs.zip Malwarebytes Anti-Ransomware.zip
  22. Please remove the website http://mmfarmsupply.com from the blacklist, we have scanned and cleaned it from malware. Thank you
  23. Again a false positive. It worked okay for 1 day. Then suddenly was flagged as ransomware... ultracopier.zip Anti-Ransomware.zip MBAMSERVICE.zip
  24. I got a (presumably) false positive on the older software: supercopier, which is now replaced. But non the less I was wondering if I was the only person with this FP? zip-Files are attached. Anti-Ransomware.zip logs.zip supercopier.zip
  25. Hi, Thanks for this tool, it's simply to use and really reassuring. There is a false positive : uplay.exe (Ubisoft equivalent of Steam) and the registry key. Restored all without any problems by the way. MBAMSERVICE.zip
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.